Running Puppet in Client/Server Mode

In my last post, I introduced how to run a very simple HelloWorld script with Puppet 3.1.0 on CentOS 6.3. Although it shows how Puppet works, it’s not really how Puppet is used in real world. To get the most out of Puppet, you want to run the client/server mode where you have a master and many agents.

Part 1: Install Puppet server

Lost VMs or Containers? Too Many Consoles? Too Slow GUI? Time to learn how to "Google" and manage your VMware and clouds in a fast and secure HTML5 App.

To install a master, you will use the same repositories as installing the Puppet agent. The command for installing the server is slightly different. Here are the commands:

# rpm -Uvh
# rpm -Uvh
# yum -y install puppet-server

Part 2: Open up firewall

Puppet uses TCP port 8140, which is turned off by default on CentOS 6.3. To turn it on, you can click System – Administration – Firewall to open the Firewall Configuration. On the left side list, click the “Other Port,” and then click “Add” button on the right side pane. In the dialog box, click on the “User Defined” checkbox and enter “8140” in port field and pick “tcp” from protocol list. Don’t forget to click on the “Apply” button on toolbar afterwards.

Part 3: Set up host name

For Puppet client/server to work, you have to have all of them assigned DNS names. If you don’t have DNS configured, you can add a few lines to the /etc/hosts (# vim /etc/hosts) file as follows (last two lines):    localhost.localdomain localhost puppetmaster puppet puppetclient

You will need to add the two or more lines to the both the server and clients. When you have multiple clients, you want to either set up DNS server, or add one line for each client involved.

If you want to change your machine name, you can simply run the following command:

# hostname puppetmaster

Part 4: Certificate management

According to several sites I read, the server got to sign the certificate to make sure the communication between Puppet agent and master is secure. In my case, I didn’t get the chance to sign the certificate request from agent.

To run the Puppet server, run one of the following commands on the server side. The first command shows extra information than normal commands as shown the second. Don’t run both of them.

# puppet master --no-daemonize –verbose
# puppet master --mkusers

To introduce an agent to the server, run the following command on the agent side:

# puppet agent --server puppetmaster -waitforcert  60

Supposedly, the request can be listed at the server side and then signed as follows:

# puppet cert --list
# puppet cert sign

Part 5: Add site.pp

On the puppet server, add the following code

# vim /etc/puppet/manifests/site.pp

node default {
  file { “/tmp/hello” :
    content => “hello!”

You can actually add modules and so on, but to keep it simple I just use this very simple site.pp to illustrate the idea.

Part 6: Apply Configuration

After the site.pp is saved on the master side, it’s time to apply it on the agent side:

# puppet agent --server --test

This does not change anything because the test switch says it’s just a dry run. To materialize the change, you want to remove the test switch:

# puppet agent --server

To verify the change, you can use the following command on Puppet agent machine.

# cat /tmp/hello

Tricks and Tips

When I tried the Puppet master, I got the following error “Error: could not run: Could not create PID file: /var/run/puppet/” The error was caused by the fact that an instance of master is running or not cleanly shutdown. The solution is to kill it as follows:

# ps –ax | grep puppet
# kill -9 20724

Your process ID is most likely different from listed above. You need to dig it out from the first command.

Now, time to try it by yourself. Have fun!

I will further discuss how to use Puppet in virtualized environment like vSphere, and vCloud Director. Stay tuned.

This entry was posted in Cloud Computing and tagged , , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

One Comment

  1. Posted February 20, 2013 at 11:46 pm | Permalink

    Running Puppet in Client/Server Mode (DoubleCloud)

2 Trackbacks

  • By Tofa IT » Running Puppet in Client/Server Mode on February 21, 2013 at 6:24 am

    […] To get the most out of Puppet, you want to run the client/server mode where you have a master […]Running Puppet in Client/Server Mode originally appeared on DoubleCloud by Steve Jin, author of VMware VI and vSphere SDK (Prentice […]

  • […] your first Puppet example works. Next is to use Puppet in distributed fashion [Client/Server Mode] which is the norm in real projects. Tweet Categories: Cloud Computing Tags: […]

Post a Comment

Your email is never published nor shared. Required fields are marked *


You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>


    My company has created products like vSearch ("Super vCenter"), vijavaNG APIs, EAM APIs, ICE tool. We also help clients with virtualization and cloud computing on customized development, training. Should you, or someone you know, need these products and services, please feel free to contact me: steve __AT__

    Me: Steve Jin, VMware vExpert who authored the VMware VI and vSphere SDK by Prentice Hall, and created the de factor open source vSphere Java API while working at VMware engineering. Companies like Cisco, EMC, NetApp, HP, Dell, VMware, are among the users of the API and other tools I developed for their products, internal IT orchestration, and test automation.